ietf-openpgp
[Top] [All Lists]

Re: Tighter MPI spec (and on keychains)

2005-02-24 05:31:39

(on the keyrings only)

Rick van Rein wrote:

Another thing.  In 3.6 on Keyrings, I was confused whether it described a
message format or a storage format.  Only the former seems interesting in
the scope of this spec.  I therefore propose the following.

CHANGE
  A keyring is a collection of one or more keys in a file or database.
  Traditionally, a keyring is simply a sequential list of keys, but
  may be any suitable database. It is beyond the scope of this
  standard to discuss the details of keyrings or other databases.
INTO
  A keyring is conceptually a set of at least one public key.  To put
  a keyring in an OpenPGP message, it is represented as the concatenation
  of the keys in the ring.

Are you trying to make it into a message?

I never heard of a 'keyring message'  ... if it isn't
defined and nobody has wanted it until now, I'd
have thought there was no value in complicating
things by adding it now.

The reason that the comment is there at all is because
even though it is out of scope, there needs to be a
signal that tells people that.  There have always
been lots of discussions about 'what about the
keyring, it isn't defined!' and this is meant to
clearly indicated that ... it isn't defined.

Note: The original statement speaks of "one or more" keys.  I therefore
     said "at least one" but models are often complicated by treating the
     zero case differently -- could the "one or more" be strikken?  Or
     would this cause unacceptable backward compatibility problems?

If this is about keyrings, then it is a potential tightening
in something that is agreed as out of scope.  As it is out
of scope, it can't be authoritive!

iang

--
News and views on what matters in finance+crypto:
       http://financialcryptography.com/


<Prev in Thread] Current Thread [Next in Thread>